I want to be able to run a cron job as the tomcat6 user. I tried to su tomcat6 but I don't know the default password for that user. Should I run them as tomcat6 (if I can find out the password - this is on Ubunbu 9.04) or run them as another user but grant the tomcat6 user access to the necessary files? If I do the second option, should I create a group and add tomcat6 to that as well as any other users that may need to run the script the cron job kicks off?

1 Answer
1

I'm not sure whether you've got root on this server or not, could you please clarify? It would seem you don't as you've been asked for a password, but on the other hand you mention creating a group, which in principle you could only do with root access of some kind.

If you've got sudo access as expected on Ubuntu you can easily become tomcat6 like this:

sudo su - tomcat6

Or edit tomcat6's crontab directly:

sudo crontab -u tomcat6

You could of course also add the job directly to the system crontab, remembering to use tomcat6 on the sixth column:

sudo vim /etc/crontab

As for the rest, if this cronjob has to write to files belonging to different users I would probably use a dedicated group (say tomcat6 - check whether you have it already). Then, for each file in that set:

Yes, I do have root on the server. I was asked for a password when tried su tomcat6, but doing sudo su - tomcat6 works. It has to write to directories belonging to other users (to unzip files, move them, etc.), so I might use the group that exists and add tomcat6 to it or use the tomcat6 group
–
Wallace SeanMay 12 '11 at 5:30